India has been a target of many cyber attacks, cyber espionage and cyber warfare with fingers often pointing towards China and Pakistan. In India, the government’s Indian Computer Emergency Response Team (CERT-In) tracks and monitors cyber security incidents. According to CERT-In, a total of 14.02 lakh cyber security incidents were recorded in 2021. In the first two months of 2022, 2.12 lakh cyber security incidents were recorded.
As per the (CERT- In ), cyber security incidents have been steadily increasing from a total number of 44,679, to 49,455, 50,362 and 53 ,081 during the year 2014, 2015, 2016 and 2017 , respectively. IT Minister Ravi Shankar Prasad said in a written reply to the Rajya Sabha that the types of cyber security incidents included phishing, scanning/probing, website intrusions and defacements, virus/malicious code, ransomware and denial of service attacks etc.
Referring to China as a major ‘challenge’ from a cybersecurity perspective for India, National Cyber Security Coordinator Lt. Gen. (retd.) Rajesh Pant said in Nov 2020 cyberattacks have gone up multifold in the current environment. Mr. Pant, who took over the role of India’s cybersecurity chief, said every day, 4 lakh malware are found and 375 cyber-attacks are witnessed.
While acknowledging that cyber crimes such as malware and phishing attacks, targeted hits on critical infrastructure, data thefts, online frauds, child porn, etc may increase as 40 crore users are expected to be added by 2025 to the existing base of 80 crore Indians with online presence, home minister Amit Shah in June 2022 said the ministry of home affairs is fully vigilant and strengthening its cyber prevention and security infrastructure to prevent, contain and counter these challenges.
Shah also cited the data on the increasing number of cyber crimes being reported in the country.”In 2012, a total of 3,377 cyber crimes were reported and it has gone up to 50,000 in 2020. The number of cyber crimes which were not reported could be in lakhs. We are resolved to create the most secured cyber atmosphere in the world,” he said.The home minister said the Ministry of Home Affairs has launched a cyber crimes reporting portal about three years ago and so far, 11 lakh different kinds of cyber crimes have been reported there.Besides, he said, there were over two lakh social media complaints which were registered on the portal.
“We all know how important is cyber security and how it can contribute for the development of India. India’s progress is not possible without cyber security. Cyber security is integral to the national security and the Modi government is committed to making it robust,” he said.
Cyber Crimes
India was the third worst hit nation by ransomware WannaCry as more than 40,000 computers were affected even though no major corporate or bank reported disruption to their activities. Estimated 1,44,496 cyber security attacks observed in the country during 2014-16.
A cyber security firm Quick Heal Technologies said it has detected over 48,000 MS-17- 010 Shadow Broker exploit hits responsible for ‘WannaCry ransomware’ outbreak in India with West Bengal witnessing the most incidents. Ransomware attacks increasingly affected businesses and consumers, with indiscriminate campaigns pushing out massive volumes of malicious emails. Attackers are demanding more and more from victims, with the average ransom demand rising to over 1,000 USD in 2016, up from approximately 300 USD a year earlier.
Cyber crimes in India caused Rs 1.25 lakh crore loss in 2019 and cyber threats will continue to increase as the country starts developing smart cities and rolling out 5G network, among other initiatives, National Cyber Security Coordinator Lt Gen (Dr) Rajesh Pant said in Oct 2020.
A large-sized enterprise in India loses an average of $10.3 million owing to cyber-attacks and a mid-sized organisation an average of $11,000 annually, said a Microsoft-led study said in Dec 2018. Cyber security attacks have also resulted in job losses across different functions in more than three in five (64 per cent) organisations that have experienced cyber-attacks, revealed the Frost and Sullivan study commissioned by Microsoft. Companies face the risk of significant financial loss, damage to customer satisfaction and market reputation-as is evident from high-profile breaches this year,” said Keshav Dhakad, Group Head and Assistant General Counsel, Corporate, External & Legal Affairs (CELA), Microsoft India.
Ransomware attacks are increasing everyday and these criminals have been working from home. They have no qualms. They are heartless people. They are attacking hospitals because they know in an emergency hospitals will pay,” Pant said at an event organised by industry body Ficci.
Cyber attacks mainly from China, Russia, US, Pakistan and Turkey
India has been the target of over 4.3 lakh cyber attacks from five countries including China, Russia and the US while more than 73,000 attacks were initiated from India between January and June 2018, says a Finnish cybersecurity company. Russia accounted for most cyber attacks on India (255,589), followed by the US (103,458), China (42,544), the Netherlands (19,169) and 15,330 attacks from Germany. The relatively higher number of inbound attacks on Indian honeypots reflects how the fast-digitising country is becoming more lucrative for global cyber criminals,” Leszek Tasiemski, Vice President of cyber security products R&D at F-Secure, said in a statement on Sunday.
Since the Indian government’s decision to abolish Articles 370 and 35A in the erstwhile state of Jammu & Kashmir, the volume of cyber attacks on India and its infrastructure has increased. According to reports, while most of the attacks are believed to be the work of private groups based abroad, there remains a possibility that the increased attacks have the hand of Pakistan-based cybercriminals, who may be collaborating with Turkish and Chinese cyber attackers to focus efforts on India.
According to many cyber experts, several Indian companies and some government institutions have seen recently an increase in cyber attacks originating in China. Like in the case of the infrastructure company, these attacks are often carried out through difficult to-trace proxy servers in North Korea, Africa, Eastern Europe and Russia. Unlike a normal attack, the Chinese breaches tend to exploit vulnerabilities of Indian IT systems and “just observe.”
India has faced increased cyber-attacks from China and Pakistan since the nationwide lockdown was imposed end-March and the country continues to encounter threats from malware that communicates with Chinese servers, according to government officials and cyber security companies. Most of the hackings are through phishing emails, malicious advertisements on websites, and third-party apps and programs, experts said. We may also see Pakistani hackers collaborating with Turkish and Chinese hackers (right now). So far, most attacks have been coming from Pakistani or Turkish hackers, most of who appear to be working without state backing. But in case of China, most Chinese hackers are state backed in some way.” The end objective of these cyber attacks is to give a tough time to India in the cyber world.
Attacks on Critical Infrastructure
The cyber attacks are also becoming sophisticated and now targeting India’s Critical Information Infrastructure (CII). Rapid digitisation in all sectors in India is making the country critically prone to targeted cyber attacks and ‘WannaCry’ ransomware attack is “just the tip of the iceberg”, according to cyber intelligence security company. The vulnerability of Indian critical infrastructure is further increasing with increasingly networking of the country under Digital India including transportation networks, power grids and financial institutions through on-line integration, with more and more official data stored on-line.
There also have been increased sophistication of attacks to target Critical Infrastructure and defence networks. In Sep 2020, Pune-based Quick Heal Technologies NSE 1.13 % has detected calibrated attacks — targeting India’s critical infrastructure — which communicate with ‘command and control’ servers based in China. “Crypto Miners and Remote Access Tool (RAT) malware, are being dropped on victim computers as part of these attacks, enabling remote administration and extensive interactions with those devices,” said Himanshu Dubey, Director of Quick Heal Security Labs.
Prayukth KV, head of IoT marketing at Subex, cites information surveyed from the Subex honeypot. Prayukth stated, “At this point, all of these attacks are targeting connected critical infrastructure. These include critical infrastructure, such as smart cities, utilities, transportation, etc. Defence and oil and gas are constantly targeted, as always. However, what’s important to note is that a sector like agriculture is not targeted.” According to Prayukth, the reason for this is that despite its importance, breaches on smart agriculture infrastructure do not create national impact the way sectors such as transportation, utility resources, defence and oil are noticed.
Suspected state-sponsored Chinese hackers have targeted the power sector in India in recent months as part of an apparent cyber-espionage campaign, the threat intelligence firm Recorded Future Inc. said in a report published in April 2022.
The hackers focused on at least seven “load dispatch” centers in northern India that are responsible for carrying out real-time operations for grid control and electricity dispersal in the areas they are located, near the disputed India-China border in Ladakh, the report said. One of the load dispatch centers previously was the target of another hacking group, RedEcho, which Recorded Future has said shares “strong overlaps” with a hacking group that the U.S. has tied to the Chinese government.
“The prolonged targeting of Indian power grid assets by Chinese state-linked groups offers limited economic espionage or traditional intelligence gathering opportunities,” the Recorded Future report states. “We believe this is instead likely intended to enable information gathering surrounding critical infrastructure and/or pre-positioning for future activity.”
Cyber Espionage and Warfare Campaigns
Pakistan has also made attempts to infilltrate Indian defence networks from March, through a group called APT36, Dubey said. APT36 is believed to be a Pakistan state-sponsored threat actor targeting defence organizations in India. Dubey said the attacks were aimed at stealing sensitive information.
On May 17, the cyber-security firm Symantec stated in a blog post that it had traced breaches of several Indian organisations to a cyber-espionage group called Suckfly. The targeted systems belonged to the central government, a large financial institution, a vendor to the largest stock exchange and an e-commerce company. The espionage activity began in April 2014 and continued through 2015, Symantec said. Another cyber-security firm, Kaspersky Lab, announced that it too had tracked at least one cyberespionage group, called Danti, that had penetrated Indian government systems through India’s diplomatic entities.
India has also been target from many cyber warfare campaigns. In one instance, according to the Toronto based Munk Centre of International Studies, GhostNet — a Chinese network, had infiltrated networks of the Indian Government as well as of the Dalai Lama. The elite National Security Guard’s website was reportedly defaced with profanity-laden messages for Prime Minister Narendra Modi last month.
Tensions ratcheted up in South Asia following the Pulwama suicide bombing against Indian police forces on February 14 and India’s retaliatory strikes against Pakistan. India launched Operation Hangover that has targeted Pakistan and, in response, Pakistan spearheaded Operation Arachnophobia, which sought to obtain intelligence from Indian officials.
Indian Vulnerability
The discovery of potential North Korean malware at both the Kudankulam Nuclear Power Plant and the Indian Space Research Organisation (ISRO) last year, and recent revelations of a Chinese firm tracking Indians’ personal data highlight just how vulnerable Indian cyberspace can be.
“Owing to the government initiatives and efforts, coupled with booming penetration of smartphones, PCs and high-speed internet access, the challenges associated with such attacks amplify significantly — making India one of the hot favourite destinations for a targeted cyber attack,” Israel-based Vital Intelligence Group said in a statement.
He said that there are a lot of vulnerabilities in devices like mobile phones that people use to access services. “We did an analysis on the attack vector in a mobile phone. We found that it is not only apps but there are 15 different attack vectors from where I can hack into a mobile phone. That includes the operating system, its processors, memory chips, communication interfaces, bluetooth as well as wi-fi,” Pant said. Besides the app that people download from the authorised store and third party source, he said that most of the bundled apps or the pre-installed apps have been found sending out data.
Large hardware imports from China is also leads to growing threat of hardware attacks through malicious insertion of malware or kill switch. Malware is a software which is designed to disrupt, damage, or gain access to a computer system There are reports that the Chinese have introduced malware or hidden software in Android phones and other hardware for surveillance, making it almost impossible for the user to detect any anomaly.
Most organizations lack a cybersecurity strategy, while for a large majority cybersecurity was an afterthought. About 59 per cent (three in five) respondents said the fear of cyber-attacks has hindered digital transformation projects,” the study noted. The study also examined the current cyber security strategy of organizations in India. It found that nine in 10 (92 per cent) Indian organisations are looking to leverage Artificial Intelligence (AI) to enhance their cyber security strategy. Additionally, more than one in five (22 per cent) of Indian organisations have witnessed benefits of using AI to achieve faster and more accurate detection of threats.
Vulnerabilities will continue to exist and the only solution against those is personal cyber hygiene and technological steps, Pant added.
“The recent attacks strengthens the point that the biggest existential threat that is out there is cyber. It is evident that the world is already engaged in a 24×7 conflict with anonymous soldiers who are extremely difficult to trace,” said Marc Kahlberg, CEO and MD of Vital Intelligence Group. The group noted that “one size fits all approach” can never be the solution to curb the increasing cyber attacks and a constant vigil is the only solution to stay ahead in the race with the intruders. “Just like the traditional battlefield, there is no one correct strategy, no short term solution and no silver-bullet to win a war. But awareness, understanding and vigilance combined with accurate targeted offensive frontline cyber intelligence will go a long way to keep the enemy busy and protect all of our cyber interests,” added Kahlberg.
Cyber commitment and capability
On the other hand the commitment of India towards cybersecurity measures remain inadequate. As per the findings of the Global Cybersecurity Index 2017 (GCI) released by the UN telecommunications agency International Telecommunication Union (ITU), India ranks 23 out of the 193 member countries when it comes to commitment to cybersecurity. Singapore has topped a global cyber security index released by the United Nations, followed by other UN member states such as the United States, Malaysia, Oman, Estonia, Mauritius, Australia, Georgia, France and Canada, the other top 10 countries.
The Belfer Center for Science and International Affairs at the Harvard Kennedy School recently published a detailed report on a National Cyber Power Index 2020 (NCPI), which creates a ranking system for the “cyber power” of 30 countries. The NCPI defines cyber power as a function of the country’s intent and capability using a set of 32 intent indicators and 27 capability indicators developed by the researchers. The indicators are grouped under seven broad objectives that countries pursue using cyber means, including surveillance, defense, offensive capability, manipulation of the information environment, intelligence, commercial and industrial growth, and norms.
The US, UK and China seem to fill the top 3 slots, based on analysis of 27 unique indicators and 1000 different data sources. China has been ranked as a top contender to displace the United States’ technological superiority. India ranks 21st in the overall NCPI ranking. It did not make it to the top 10 in any of these categories and is classified as a “low-intent, low capability” cyber power — certainly not good news for strategists in the most cyber-attacked nation in the world. Additionally, faced with an ongoing uncertain environment at India’s borders, with aggressive Chinese posturing turned into an occupation of territory Beijing has not disputed before is worrying for india’s planners.
India’s cybersecurity skills gap
Despite a steady increase in demand, India continues to witness a huge shortfall of skilled cybersecurity professionals. A lack of skilled professionals continues to haunt the country that needs about 1 million cybersecurity professionals, according to an estimate by the Data Security Council of India.
As per a PwC study, the instances of cyberattacks on Indian enterprises surged by 117 percent in 2019 compared to the previous year. However, due to insufficient funding and a crunch of skilled resources, the availability of skilled workforce does not live up to the demand in the industry. As thousands of companies look to hire cybersecurity professionals, the gap in the availability of skilled workforce has widened.
Lack of funding continues to impact the supply of skilled professionals in India’s cybersecurity space. Corporate businesses are not making enough investments in cybersecurity training partly because they believe trained professionals will leave for better job prospects. Instead of training employees in cybersecurity, they prefer to hire experienced candidates with necessary skills and expertise.
The dearth of educational institutions that impart cybersecurity training is also a key factor responsible for the shortage of skilled professionals in the country. Currently, a few institutes have entered into income-sharing agreements to train professionals on emerging technologies in cybersecurity. However, in the absence of sufficient institutes and training programs, companies have found it increasingly difficult to recruit the right talent. Also, candidates with formal degrees may not be equipped with key skills required to deal with cybersecurity incidents in a real world scenario. Hence, the need for companies to find and hire suitable professionals remains a key concern.
According to NASSCOM, the rising incidents of cyberattacks along with data protection and privacy laws are estimated to lead to a USD 35 billion revenue opportunity and job opportunities for millions of Indian professionals by the year 2025. Cybersecurity would account for about 10% of the revenue generated by India’s IT sector in the same year.
India’s cyber security Initiatives
The ministry has already created a new wing — Cyber and Information Security Division — to check radicalisation and cyber fraud as part of a major rejig of some of its crucial wings. The new wing, CIS, has been created to monitor online crimes and threats, including cyber fraud and hacking, and suggest ways to minimise and fight them. This division will track and counter online fraud, hacking, identity theft, dark net, trafficking and cyber attacks on critical information infrastructure, the officials said.
The Union Home Ministry is planning to set up an apex coordination centre and has asked states to establish a similar mechanism in every district. It has also released Rs 83 crore for setting up of a cyber forensic training laboratory-cum-training centre for police officials in each state. The cyber crime cases are of varied types. These range from defacement of government websites, online financial frauds, online stalking and harassment, and data thefts. Each requires specialised investigative skill sets and forensic tools,” another official said. The apex centre — Indian Cyber Crime Coordination Centre (I4C) — would be set up in Delhi. It would coordinate with state governments and union territories, and closely monitor the cyber space and social media with due emphasis on vernacular content.
Recognising the strategic dimensions of cyberspace, the Prime Minister’s Office (PMO) created the position of the National Cyber Security Coordinator in 2014 to implement the policy. In India, cyberspace is being looked after primarily by the National Technical Research Organization (NTRO) operating under R&AW. Other top layer of agencies performing cyber operations are the National Intelligence Grid, and the National Information Board.
To ensure Internet security, Computer Emergency Response Team (CERT-IN) was established by Government of India in 2004 that reports Forecast & alerts on Cyber incidents, issuing of guidelines on Cyber incidents etc. occurring in India. In addition, the National Critical Information Infrastructure Centre (NCIIC) carved out CERT in 2013 is to protect assets in critical sectors like energy, banking, defence, telecom, transportation etc. The NSA is to oversee a public-private partnership to set up a cyber-security architecture. In addition, home ministry looks at cybercrime, the external affairs ministry looks after cyber diplomacy and there is a defence cyber agency, headed by a naval officer, a rear admiral.
Security testing: For testing IT products, there are some 10 setups for STQC (Standardisation, Testing and Quality Certification) across the country. There are only a few Indian companies who are making some of the cyber security products and there is a big vacuum in the sector. Further, Pant called for setting up a dedicated industry forum for cyber security to develop trusted indigenous solutions to check cyber attacks.
India’s New Cyber Security strategy 2020
India was one of the first few countries to propound a futuristic National Cyber Security Policy 2013, with vision to build a secure and resilient cyberspace for citizens, business and government and also to protect anyone from intervening into your privacy. The mission is to protect information and information infrastructure in cyberspace, build capabilities to prevent and respond to cyber threat, reduce vulnerabilities and minimize damage from cyber incidents through a combination of institutional structures, people, processes, technology and cooperation.
However, since its adoption, not much has changed in terms of a coordinated cyber approach. The 2013 policy did not look at an action plan. Nor did consider funding, a crucial issue. India needs an updated cybersecurity strategy: Amid the new cyber challenges, the existing structures must be revamped or revitalized. In this direction, the government has formulated a National Cyber Security Strategy 2020 for 5 years.
According to Pant, National Cyber Security Strategy (NCSS) is to ensure a safe, secure, trusted, resilient and vibrant cyberspace for India. “It (NCSS) is presently at the highest level waiting for the last level of signatures,” he said. Pant also said that the government under NCSS will push for building a lot of indigenous capabilities, central apex body, legislative framework and cyber security incidence and response teams at the sectoral and state levels.
The new cyber challenges include a long list– data protection or privacy, law enforcement in evolving cyberspace, access to data stored overseas, misuse of social media platforms and much more. Thus, the existing structures must be revamped or revitalised. This has led to the formulation of a National Cyber Security Strategy 2020 as an upgraded version of Cybersecurity Policy 2013 is required. India has 36 different central bodies to look after cyber issues. Each organization has its own reporting structure and CERT (Indian Computer Emergency Response Team). On the other hand countries like the US, Singapore etc. have a national organization that deals with cyber threats.
The inter-ministerial part over approval by the Union Cabinet is awaited vis-à-vis the 2020 (NCSS 2020). The strategy caters to the entire ecosystem and strengthening the existing structure, informed the National Cyber Security Coordinator, Lt Gen Rajesh Pant in an ASSOCHAM webinar in Sep 2020. The National Cyber Security Coordinator also informed that non-personal data related aspects are also being discussed. “Already the papers are out and comments have started coming in.” Further talking about the data he said that it is something important in the current context whereby there are reports that a China-based company has allegedly been carrying out harvesting of personal data of 2.4 million people which includes Australians, Americans and Indians and that there are allegations of it all being used for inuence operations. “So, this is a very dangerous trend that has to be curtailed, that is why 2020 is going to be the decade of digital trust,” he said.
There is now greater need for indigenous solutions in the cyber security sector. “For all my Indian friends over there, this entire market of cyber security is absolutely open be it the reworks, IDS, IPS, APT and others, go for it, we are there to promote you, this is where digital trust will come in.” He however also said that international collaboration is very important in terms of cyber security as that is where big players come in.
The NCSS case, currently with the Union Cabinet, aims to ensure cyber awareness, safety through cyber audits, preventive measures, action during cyberattacks and remedial measures. The NCSS aims to plug loopholes in cyber laws, last updated in 2008. The NCSS aims to improve cyber awareness and cybersecurity through more stringent audits. Empanelled cyber auditors will look more carefully at the security features of organisations than are legally necessary now. There will be table-top cyber crisis management exercises regularly to reinforce the idea that such attacks can take place regularly.
Ministry of Communications and Information Technology (India) define objectives as follows:
- To create a secure cyber ecosystem in the country, generate adequate trust and confidence in IT system and transactions in cyberspace and thereby enhance adoption of IT in all sectors of the economy.
- To create an assurance framework for design of security policies and promotion and enabling actions for compliance to global security standards and best practices by way of conformity assessment (Product, process, technology & people).
- To strengthen the Regulatory Framework for ensuring a SECURE CYBERSPACE ECOSYSTEM.
- To enhance and create National and Sectoral level 24X7 mechanism for obtaining strategic information regarding threats to ICT infrastructure, creating scenarios for response, resolution and crisis management through effective predictive, preventive, protective response and recovery actions.
- To improve visibility of integrity of ICT products and services by establishing infrastructure for testing & validation of security of such product.
- To create workforce for 500,000 professionals skilled in next 5 years through capacity building skill development and training.
- To provide fiscal benefit to businesses for adoption of standard security practices and processes.
- To enable Protection of information while in process, handling, storage & transit so as to safeguard privacy of citizen’s data and reducing economic losses due to cyber crime or data theft.
- To enable effective prevention, investigation and prosecution of cybercrime and enhancement of law enforcement capabilities through appropriate legislative intervention.
Strategies
- Creating a secured Ecosystem.
- Creating an assurance framework.
- Encouraging Open Standards.
- Strengthening The regulatory Framework.
- Creating mechanism for Security Threats Early Warning, Vulnerability management and response to security threat.
- Securing E-Governance services.
- Protection and resilience of Critical Information Infrastructure.
- Promotion of Research and Development in cyber security.
- Reducing supply chain risks
- Human Resource Development (fostering education and training programs both in formal and informal sectors to support Nation’s cyber security needs and build capacity.
- Creating cyber security awareness.
- Developing effective Public Private Partnership.
- To develop bilateral and multilateral relationship in the area of cyber security with other country. (Information sharing and cooperation)
- Prioritized approach for implementation.
- Operationalisation of Policy
“Cybersecurity is an ecosystem where laws, organisations, skills, cooperation and technical implementation need to be in harmony to be most effective,” stated the ITU report. India’s highly skilled IT workforce should be trained and harnessed by the government for strategic use. There is requirement to develop comprehensive cyber defence strategy to not only defend India, create a social media counter strategy but also attack adversary networks.
Tata Communications’ new Cyber Security Response Centre (CSRC)
Tata Communications’ new Cyber Security Response Centre (CSRC) was launched in Chennai in Sep 2018, the fourth for the company with other centres operating in Pune, Dubai, and Singapore. At the cyber response centre, Tata monitors traffic flows and tries to detect a variety of different attacks, such as phishing or malware, botnets and more.
“We do this using a combination of commercial feeds, open source data, and our own honeypot servers,” said Avinash Prasad, vice president, managed security services for Tata Communications. Honeypot servers are designed to look like they have sensitive data, and entice malicious attacks, in order to identify potential threats.
“People with the right cyber security skills are in short supply,” Tata Communication’s Chief Technology Officer, Srinivasan said. “That is why we are working with universities, and have been collaborating with the Sastra university to set up a cyber security lab.” “There is a significant skill gap in the market, where people who are studying aren’t in sync with the needs of the industry,” Srinivasan added. “We are trying to do guest lectures, and set up internship programs, so that people come into the industry with the required skills.”
Cyber Range Centre at IIDT to train cyber warriors
The International Institute of Digital Technologies (IIDT) in Tirupati is planning to establish a Cyber Range Centre to impart training to students in thwarting cyber attacks. “eSF Labs, which is the technology partner for GFSU, is setting up the Cyber Range Centre,” according to J.A. Chowdary, IT Adviser to the Chief Minister.
“At present, phishing, cyber frauds, ransomware, malicious domains, data thefts, and mobile frauds are posing a threat to the country. We have to prepare lakhs of cyber security warriors to protect from malwares,” he said.“The IIDT students will be trained in tackling all kinds of cyber security threats. The proposed high-end Cyber Range Centre will provide a real-time environment on how to detect and thwart cyber attacks. Discussions will be held with cyber experts, researchers, and students on the subject,” said Mr. Chowdary.
IITJ Technology Innovation and Start-up Centre (“IITJ TISC”), an outfit of the Indian Institute of Technology Jodhpur, and WhizHack Technologies launch India’s 1st Dual Certificate in Cyber Defense
IITJ TISC and WhizHack Technologies Private Limited announced an Advanced Certification Bootcamp in Cyber Defense through their partnership with Cybint. The 480-hour, 6-month intensive course will have self paced modules, complemented by live sessions and mentoring by IIT Jodhpur faculty, industry experts and access to advanced cloud-based labs on latest cyber tools and techniques.
Commenting on the Dual Certificate programme, Prof. Santanu Chaudhury, Director IIT Jodhpur, said, “The biggest cyber security challenge faced by Indian organizations is the shortage of adequately skilled cyber security professionals and the lack of means to train people on new threats like IoT-based endpoint attacks —Advanced Persistent Threat (APT). IIT Jodhpur TISC along with WhizHack intends to create a self reliant India by training individuals to become cyber professionals with latest skillsets and that can safeguard the interests of India’s enterprises, including 5-7 crore SMEs and their ecosystem”.
According to Mr. Kaushik Ray, COO, WhizHack Technologies, “To tackle the exploding high tech cyber criminal network, India needs to establish a new paradigm of constant learning and relearning for professionals in this field, combining the latest and best of Indian and Global knowledge and skillsets. WhizHack, in partnership with Cybint, will provide a unique opportunity to Indian youth to specialize in Cyber Defense which is witnessing global shortage of talent. The new dual certification will allow graduates to build sustainable global career pathways”.
“India is in a remarkable position to become possible leaders in cyber security skills and talent,” says Roy Zur, CEO and Founder of Cybint. “With the largest abundance of unfilled cyber security positions, the Dual Certificate Bootcamp programme will be a game-changer in the path to employment for those interested in a cyber career. We are excited for our newest partnership in the APAC region and are proud to be part of this massive effort to fill jobs and secure India.”
International Cooperation
A cyber partnership can be critical for India to meet its immediate goals in securing its cyber infrastructure and expanding opportunities for the country’s tech sector. Looking forward to becoming a secure cyber ecosystem, India has joined hands with several developed countries like the United States, Singapore, Japan, etc. These agreements will help India to challenge even more sophisticated cyber threats.
Indian and US officials also met in Washington in August 2015 at the whole-of-government cyber dialogue to discuss enhanced cyber security information sharing, cyber incident management and cyber security cooperation in the context of ‘Make in India’. In Jan 2017, India and the US have signed a Memorandum of Understanding (MoU) for close cooperation and exchange of information pertaining to cyber security. The MoU between Indian Computer Emergency Response Team (CERT-In) and US CERT was signed by Electronics and IT Secretary Aruna Sundararajan and Richard Verma, the US Ambassador to India.
With Narendra Modi’s three-day state visit to Israel –India and Israel in their joint statement have committed to promote security and stability in cyberspace – with the possibility of exploring bilateral ties between their respective governments and businesses.
In Oct 2020, the union cabinet, chaired by Prime Minister Narendra Modi has given its approval for signing a Memorandum of Cooperation (MoC) in the field of cybersecurity between India and Japan. The approval to the pact by the cabinet comes in the midst of growing concerns over cyber attacks from China, particularly after India banned over 100 mobile apps with Chinese links. It said the MoC will enhance cooperation in the area of cyberspace and emerging technologies and provide for protection of critical infrastructure and sharing of information on cyber security threats and malicious cyber activities as well as on best practices to counter them. “India and Japan commit to an open, interoperable, free, fair, secure and reliable cyberspace environment and to promote the Internet as an engine of innovation, economic growth, and trade and commerce that would be consistent with their respective domestic laws and international obligations, and with their wide-ranging strategic partnership,” it said.
References and resources also include:
https://theprint.in/diplomacy/cabinet-approves-cyber-security-agreement-with-japan/518954/